5b790d2d085d2498aa63822812562acc256a26febae6cc78563ba656eb9d0c1f | Triage

Submit
Reports

Overview

overview

Static

static

3

Sgrm/samcli.dll

windows10-2004-x64

1

Sgrm/samlib.dll

windows10-2004-x64

4

Sgrm/sas.dll

windows10-2004-x64

1

app__v7.3.5_.msi

windows7-x64

6

app__v7.3.5_.msi

windows10-2004-x64

wbem/appba...sk.dll

windows10-2004-x64

1

wbem/dnsclientcim.dll

windows10-2004-x64

1

wbem/dnscl...er.dll

windows10-2004-x64

1

winrm/AcLayers.dll

windows10-2004-x64

1

winrm/acledit.dll

windows10-2004-x64

1

winrm/aclui.dll

windows10-2004-x64

1

Analysis

max time kernel
90s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sgrm/samcli.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sgrm/samlib.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Sgrm/sas.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

app__v7.3.5_.msi

Resource

win7-20240903-en

discovery persistence privilege_escalation

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

app__v7.3.5_.msi

Resource

win10v2004-20240802-en

lumma discovery execution persistence privilege_escalation stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

wbem/appbackgroundtask.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

wbem/dnsclientcim.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

wbem/dnsclientpsprovider.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

winrm/AcLayers.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

winrm/acledit.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

winrm/aclui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

winrm/AcLayers.dll
Size

325KB
MD5

3a515be88a59d8e0abaa0c299a5019b1
SHA1

0af8f3d0d3a34032b285433728ab4017e5c4a2c6
SHA256

5620f93cbde964ed16b7f3fadc74751e1867447a625da8593424ee3c2e0e7b8e
SHA512

71fdf1ee7e4e3f3d498e19ebce5ff2c9e0ed6891bf39295821e376cf928b4abfaf292e8fe6299fecd5f04716186a5a7d29218096f6e2b3964c2b1aa4dd08ff82
SSDEEP

6144:9BHWoCb3lqocQ5VcmFv6IjG6PQOymwXxzoi35K5w1FwvF:9BHWoI3lNcQ5VccVGK5+wN

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\winrm\AcLayers.dll,#1
1⤵
PID:532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy